I didn't claim to be in favor of Apple retaining control of every iPhone they sell. Please re-read my comment.
My claim is that for most users of iPhones, the situation of Apple being in control of their device, rather than themselves, results in a better outcome for that user (and is oftentimes explicitly preferred by that user as a result, and is reflected in their purchase of an iPhone).
In fact, Apple delegates control of an iPhone's userspace execution environment to any iPhone owner who wants it: they will give you a signing cert for use in xcode to run any app you want on your own device (no developer subscription necessary). This is how AltStore works, and allows AltStore users to run emulator apps on the iPhones they own.
> My claim is that for most users of iPhones, the situation of Apple being in control of their device, rather than themselves, results in a better outcome for that user (and is oftentimes explicitly preferred by that user as a result, and is reflected in their purchase of an iPhone).
Okay, but that comes out to the same thing, since I can't buy an iPhone which isn't Apple managed. If Apple offered a choice, that would be one thing—but they don't.
> In fact, Apple delegates control of an iPhone's execution environment to any iPhone owner who wants it: they will give you a signing cert for use in xcode to run any app you want on your own device.
What they give you is the ability to sign up to three apps at a time, all of which expire after seven days. It's not useful for anything but testing.
Plus, you're stuck in the App Store sandbox. You can't downgrade to an earlier operating system, you can't inspect the HTTPS traffic being sent out of your phone, and you can't even run anything that uses a JIT.
> What they give you is the ability to sign up to three apps at a time, all of which expire after seven days. It's not useful for anything but testing.
And if they decide to they can flip a switch on their server to disable your account and stop “your” apps from launching.
> Okay, but that comes out to the same thing, since I can't buy an iPhone which isn't Apple managed. If Apple offered a choice, that would be one thing—but they don't.
Well, you know this state of affairs well now, so when you buy an iPhone you willingly opt in to these remote management restrictions. There are lots of smartphones you can buy without such cryptographic boot restrictions.
Many people willingly choose iPhones (even given these constraints), and would prefer a remote party manage their device's security.
Apple's argument is a legitimate one, and you should be able to operate in the market in this fashion. Nobody's forced to buy an iPhone if they don't like how the bootloader is configured or the App Store is run.
> Many people willingly choose iPhones (even given these constraints), and would prefer a remote party manage their device's security.
I mean, but you're making a big assumption there! I buy iPhones in spite of those restrictions, because the only other options have worse processors and cameras, and because most of the people I know use iMessage.
I'd pay double the cost of a normal iPhone for a Security Research Device, if they were available to the general public.
My claim is that for most users of iPhones, the situation of Apple being in control of their device, rather than themselves, results in a better outcome for that user (and is oftentimes explicitly preferred by that user as a result, and is reflected in their purchase of an iPhone).
In fact, Apple delegates control of an iPhone's userspace execution environment to any iPhone owner who wants it: they will give you a signing cert for use in xcode to run any app you want on your own device (no developer subscription necessary). This is how AltStore works, and allows AltStore users to run emulator apps on the iPhones they own.